Tempo is preparing for a future network upgrade with the implementation of TIP-1020, a new precompiled contract for efficient on-chain signature verification.

> impact

The core implementation for TIP-1020 has been merged into the Tempo client, introducing a new precompiled contract for cryptographic signature verification. This precompile provides a native, low-gas function for `ecrecover`, allowing contracts to efficiently verify that a given signature corresponds to a specific message hash and signer address. This functionality is crucial for many cryptographic protocols but has historically been expensive to perform within the EVM. The primary motivation for TIP-1020 is to drastically reduce the gas costs associated with on-chain signature verification. Executing `ecrecover` in Solidity is computationally intensive, creating a significant barrier for dApps that rely on it heavily, such as multi-signature wallets, decentralized identity systems, and certain types of L2 bridges. By implementing this logic as a precompile, the operation is executed directly by the node's native code, resulting in an order-of-magnitude improvement in performance and gas efficiency. For developers, the impact is a significant expansion of the design space for secure and cost-effective applications. Complex account abstraction schemes, gasless meta-transactions, and more sophisticated multi-sig contracts become economically viable. While the code has been merged, the precompile will not be active on mainnet until the next coordinated network upgrade (hard fork). This gives the ecosystem ample time to test, adapt, and build innovative tools that leverage this powerful new primitive.

> Try this now

try this

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// TIP-1020 introduces a precompile for signature verification.
// This contract demonstrates how to call it to verify a message signature.

contract SignatureVerifier {
    // The precompile is proposed to live at address 0x0A.
    address constant SIG_VERIFY_PRECOMPILE = address(0x0A);

    // Verifies a signature and returns the signer's address.
    // Reverts if the signature is invalid.
    function verify(
        bytes32 hash,
        uint8 v,
        bytes32 r,
        bytes32 s
    ) public view returns (address) {
        // The precompile expects a tightly packed 97-byte input:
        // 32 bytes for the hash
        // 1 byte for v
        // 32 bytes for r
        // 32 bytes for s
        bytes memory input = abi.encodePacked(hash, v, r, s);
        address recoveredAddress;

        // Use assembly to make a staticcall to the precompile.
        assembly {
            // staticcall(gas, to, in, insize, out, outsize)
            // `gas()` forwards all available gas.
            // `SIG_VERIFY_PRECOMPILE` is the target address.
            // `add(input, 0x20)` points to the start of the data in `input`.
            // `97` is the size of our input data.
            // `recoveredAddress` is the memory location for the output.
            // `32` is the expected size of the output (an address padded to 32 bytes).
            if staticcall(gas(), SIG_VERIFY_PRECOMPILE, add(input, 0x20), 97, recoveredAddress, 32) {
                // Success: The `recoveredAddress` variable now holds the result.
                // The EVM returns addresses as 32-byte values, so no masking is needed here.
            } else {
                // Failure: The signature was invalid, so the precompile reverted.
                // We revert the entire call to signal the failure.
                revert(0, 0);
            }
        }

        // Return the address recovered from the signature.
        return recoveredAddress;
    }
}